RE: New IIS worm

] # Subject: Re: New IIS worm # # # On Sun, Sep 23, 2001 at 02:08:40PM +1000, Sam Couter wrote: # Karl E. Jorgensen [EMAIL PROTECTED] wrote: # Doesn't this leave you open to DOS attacks? I'm thinking # that source IP # addresses are relatively easy to forge, and hence an # attacher can forge

RE: New IIS worm

@lists.debian.org # Subject: Re: New IIS worm # # # On Sun, Sep 23, 2001 at 02:08:40PM +1000, Sam Couter wrote: # Karl E. Jorgensen [EMAIL PROTECTED] wrote: # Doesn't this leave you open to DOS attacks? I'm thinking # that source IP # addresses are relatively easy to forge, and hence

Re: New IIS worm

On Sun, Sep 23, 2001 at 02:08:40PM +1000, Sam Couter wrote: Karl E. Jorgensen [EMAIL PROTECTED] wrote: Doesn't this leave you open to DOS attacks? I'm thinking that source IP addresses are relatively easy to forge, and hence an attacher can forge a nimda attach and cause you to block off

Re: New IIS worm

Karl E. Jorgensen [EMAIL PROTECTED] wrote: Doesn't this leave you open to DOS attacks? I'm thinking that source IP addresses are relatively easy to forge, and hence an attacher can forge a nimda attach and cause you to block off legitimate IP addresses - ie. your DNS server our default

Re: New IIS worm

On Sun, Sep 23, 2001 at 02:08:40PM +1000, Sam Couter wrote: Karl E. Jorgensen [EMAIL PROTECTED] wrote: Doesn't this leave you open to DOS attacks? I'm thinking that source IP addresses are relatively easy to forge, and hence an attacher can forge a nimda attach and cause you to block off

Re: New IIS worm

Blowers wrote: You could use the hosts.deny file for this also, no? Best Regards, Allen -Original Message- From: Emmanuel Valliet [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 18, 2001 8:09 PM To: [EMAIL PROTECTED] Subject: Re: New IIS worm (2001-09-18

Re: New IIS worm

Blowers wrote: You could use the hosts.deny file for this also, no? Best Regards, Allen -Original Message- From: Emmanuel Valliet [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 18, 2001 8:09 PM To: debian-security@lists.debian.org Subject: Re: New IIS worm

Re: New IIS worm

for this also, no? Best Regards, Allen -Original Message- From: Emmanuel Valliet [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 18, 2001 8:09 PM To: [EMAIL PROTECTED] Subject: Re: New IIS worm (2001-09-18) Emmanuel Valliet sed : | I know we don't care on linux, but I

RE: New IIS worm

You could use the hosts.deny file for this also, no? Best Regards, Allen -Original Message- From: Emmanuel Valliet [mailto:[EMAIL PROTECTED]] Sent: Tuesday, September 18, 2001 8:09 PM To: [EMAIL PROTECTED] Subject: Re: New IIS worm (2001-09-18) Emmanuel Valliet sed

RE: New IIS worm

You could use the hosts.deny file for this also, no? Best Regards, Allen -Original Message- From: Emmanuel Valliet [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 18, 2001 8:09 PM To: debian-security@lists.debian.org Subject: Re: New IIS worm (2001-09-18) Emmanuel Valliet

Re: New IIS worm

(2001-09-18) Emmanuel Valliet sed : | | I know we don't care on linux, but I have reallly a lot of hits from | machine querying for the ..%%35c../winnt/system32/cmd.exe and Cie. | And it starts to make a lot of apache childs, and the global charge | grows consequently. | Is there a way to

Re: New IIS worm

(2001-09-18) Emmanuel Valliet sed : | | I know we don't care on linux, but I have reallly a lot of hits from | machine querying for the ..%%35c../winnt/system32/cmd.exe and Cie. | And it starts to make a lot of apache childs, and the global charge | grows consequently. | Is there a way to